Password Change action allows a user to change their current password to a new one. This process is implemented to enhance user security, ensure that old passwords are deactivated, and improve in-app access security.
Technical Specifications
Parameter Configuration
Required Parameters:
Optional Parameters:
A user wants to update their current password on the ‘Profile Settings’ screen within the application. The user first enters their old password and then completes the process by setting a new password.
Application Flow:
Parameter Assignments:
After successfully changing their current password to a new one, the user continues their session within the application without interruption.
The Password Change action used in the Kuika platform allows users to securely change their current passwords. Beyond the basic functionality, various customisations and security measures can be applied to the password change process:
1. Form Validation (Field Consistency): The ‘New Password’ and ‘New Password (Repeat)’ fields in the password update form can be linked to each other using the Condition property. This allows you to check whether the two fields match before the Password Change action is triggered. If the validation fails, the process is stopped; if successful, the password change process is initiated.
2. Password Security Level Control: Various rules can be applied to ensure that the new password is strong. For example:
These checks can be performed using Condition expressions defined on user inputs. Processes can be blocked for passwords with weak security levels, and appropriate warnings can be displayed to the user.
3. Conditional Warning Display: When the password is successfully changed, the user can be notified using the Notify action. This notification can be configured, for example, as ‘Your password has been successfully updated.’ Similarly, it is possible to display an error message when the operation fails.
Technical Risks and Controls
Password Change Action is a security step that enables users to change their system passwords to increase security. It can be easily implemented via the UI and customized with optional parameters. When used in conjunction with a strong password policy, it significantly increases application security.